Skip to content

Disclosures Needed for Web Banking?

Question: 
I've read your articles on Reg. E Disclousres on the Web. But we are taking applications for Internet banking via the Web. Do we still need a Reg. E Disclosure and what should we be sure to include and watch for?
Answer: 

Answer by Mary Beth Guard: I'll let another guru respond to the Reg E portion of the question. I want to stress the importance of having an electronic services agreement. This would be a binding contractual agreement between you and your customers that sets forth customer obligations and duties and attempts to allocate potential liability for losses in a fair and equitable manner. Particularly in light of the recent phishing scams, which are becoming more dangerous due to malicious code in some of the emails which make it unnecessary for the victim to even fall for the scam and enter their information, it's more important than ever to educate the customer about risks such as l) connecting to online banking on a public or shared computer; 2) failing to properly safeguard their user names and passwords; 3) engaging in poor password/user name selection; 4) opening and/or responding to emails that purport to come from your institution which are, in fact, bogus.

Answer: 

Answer by Richard Insley: No Reg E disclosure is triggered by "taking applications for Internet banking via the Web." Coverage begins when you permit the consumer to engage in electronic fund transfers. Initial Reg. E disclosures must be given no later than the time of the first such transfer. Most often, Internet banking service is added to existing accounts. If these accounts already allow ATM access and other EFT services, you have already given Reg. E initial disclosures. If these disclosures were recent and broad enough to encompass the online bill payment or other uniquely Internet-based EFT service you are providing, then you are done. On the other hand, if previous disclosures were not recent or on point, then you must provide additional Reg. E disclosures about the new access device (the web-based service.)Reg. E disclosures can be provided on paper, provided the document reaches the consumer before his/her first use of the new EFT service. If you are relying on electronic documents, then ESIGN's informed consent rules apply.

Answer: 

Answer by John Burnett: I have long been an advocate of better education of customers, and Mary Beth's mention of phishing scams points out an important area in which bankers can do a better job of providing helpful information.

Lest anyone infer from Mary Beth's post that reminders about phishing safety might protect the bank, however, we need to remember that Regulation E will protect consumers, rather than the bank, from consumer ignorance, negligence, or even outright stupidity, when it comes to phishing.

First published on BankersOnline.com 1/31/05

First published on 01/31/2005

Search Topics